Shining a light on shadow IT and how to ensure your IT company gets it right

The nature of work is evolving; employees are mobile and cloud-enabled, free to work anywhere from almost any device. In response to this shift, the BYOD trend has emerged stronger than ever. Coupled with this is the growth of employees desiring more accessible applications. However, these factors have undoubtedly contributed to the emergence of shadow IT, which is creating a problem for many IT departments. However, OC Cloud9 has adapted and flourished .

Applications such as Dropbox are increasingly being used by employees for business critical functions. Yet many of these apps are not enterprise ready, leaving IT departments caught between the twin demands of employee flexibility and enterprise security. For example, a recent report from the Ponemon Institute revealed that 44% of corporate data stored in cloud environments is not managed or controlled by the IT department. More than two-thirds of respondents said that protecting sensitive data in the cloud was more challenging when using conventional security practices. Clearly, enterprises that want to embrace cloud but stay secure need a new approach which adapts to the use of shadow IT.

Secure bridges beat blanket blockages

It is unrealistic to adopt a comprehensive block on all unsanctioned application. IT departments must empower employees by granting access to their favourite cloud apps, while protecting the organisation from data loss and network threats. Rather than blocking apps en-masse, IT departments need the ability to review the activities that pose the greatest risk, such as sharing data outside the company, and block those apps specifically to mitigate their risk. To do this, IT departments need real-time visibility into how cloud application are being used, so they can enforce smart usage policies and promote safe cloud practices to help regulate shadow IT. With the emergence of the latest cloud management and analytics tools, this kind of clarity is very achievable and OC Cloud9 uses it everyday with our clients.

Teaching and engaging

Once IT departments have sight of the applications in used throughout the organisation, the next step is to educate employees about why certain activities have been blocked. Offering alternative apps that have similar features but are lower-risk, means employees will feel empowered by using apps and devices they enjoy, and corporate security is maintained. Whenever our client wants to install a new App on their cloud, they call in and we discuss with them. We then either install it for them or we recommend another App that has similar functions but is better for the company security wise.

Consulting and providing feedback also means IT is in a strong position to give guidelines of approved applications, policies and alternatives. Providing consultative advice ensures IT will be seen as trusted provider; staff will want to be informed and discuss their IT queries so they can get the job done and improve business processes. Ultimately, this open approach will give IT greater visibility and insight into what applications users are deploying.

The need for visibility

In the on-premise world, keeping track of the applications being used and by whom was relatively easy, as they were purchased and managed centrally. But with cloud, different applications are being used by different people across a multitude of devices; many of which have been purchased outside of traditional IT and procurement channels. This stops most IT departments from having visibility and control over the applications being used in the cloud. Costs can also quickly spiral out of control as a result of ‘cloud sprawl’, thanks to the sheer ease of buying services and applications (e.g. employees paying by credit card).

Without having visibility into cloud application usage across the business, organisations will be unable to consolidate applications and miss out on cost-savings as a result of procuring cloud services centrally. Having sight of the cloud applications being purchased allows businesses to easily forecast costs, and to make informed decisions that will improve business processes and cut costs. Here at OC Cloud 9 we have security measures in place to stop a cloud sprawl from happening. We install all applications on your cloud so that we can help improve your cloud experience.

Regaining control will deliver value

Cloud applications like Dropbox and Evernote are helping employees to be productive, but it’s up to businesses to ensure that the applications are secure. IT departments have a tricky job of securing data while allowing employees access to cloud applications; businesses need to support IT with tools which give visibility into the applications in use throughout the IT environment.

With this insight, IT departments can implement a far more strategic approach to cloud usage and security policies. With these controls are in place, the IT department can increase user productivity while securing the IT infrastructure. With this approach, IT can take back control and deliver value to the organisation with a skilled and productive workforce.

OC Cloud9 offers fully Managed Clouds to take all of the hassle away from our clients. Our staff actively consults with our clients, educating them about Cloud Best Practices and how to avoid unintentional employee security breaches. Our Cloud Migration Experts are opening doors to new clients where other Cloud Solution Providers lack the skill set to properly virtualize and migrate all aspects of a company network, including their shadow IT. It’s not just about Hosted Exchange or Office 365. Your biggest obstacle might be your mission critical Proprietary Software Applications. OC Cloud9 can help.

We offer a wide menu of Cloud Solutions such as Hosted Exchange, Virtual Servers, Hosted Software Applications and Virtual Desktop Infrastructure within our custom Private Cloud Environment or yours. Contact a member of our OC Cloud9 team at 949-699-6619 or viaemail for more information.

Information originally obtained from Angel di Ventura at CloudTech. View it here.

Deborah is the Director of Network Operations at OC Cloud 9. She oversees the daily Operations of the company. She has been working with Orange County Computer, Inc., the parent company of OC Cloud9, Inc., since 2003. Prior to working in the IT Industry, her area of expertise was in regulatory compliance in the Healthcare Industry working with state and federal regulatory agencies. She acts as our interpreter regarding all HIPAA Privacy and Security Rules. Deborah's office mantra is "Keep the client happy" and she will act as the liaison between a client request and a technical barrier to resolving as issue. She is happy to help.
In her spare time, you might find her paddle boarding in the ocean or skiing in the mountains.